A New Xenomorph Campaign Anyone familiar with the famous movie “Alien”, directed by Ridley Scott in 1979, is well aware of how hard it is to get rid of the titular monsters of this franchise. Despite all the efforts from the protagonists, the monsters seem to always return. When we discovered and named Xenomorph, in […]
A survey conducted by the SANS Institute shows that the budgets allocated by organizations for the security of industrial control systems (ICS) and other operational technology (OT) has decreased significantly in 2023 compared to the previous year. For its 2023 ICS/OT Cybersecurity Survey (PDF), SANS surveyed over 700 individuals from every continent. The respondents represent […]
Sep 25, 2023THNCyber Attack / Phishing Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. “Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service […]
A novel and sophisticated backdoor malware named Deadglyph was seen used in a cyberespionage campaign targeting a government agency in the Middle East. The malware is attributed to the Stealth Falcon hacking group, which is infamous for targeting activists, journalists, and dissidents. Deadglyph infection method While the exact delivery method is currently unknown, it is […]
The US Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Football League (NFL), Allegiant Stadium and Super Bowl LVIII partners, has conducted a cybersecurity tabletop exercise this week in preparation for Super Bowl LVIII. The exercise aimed to assess and enhance cybersecurity response capabilities, plans and procedures for the upcoming event. The Super […]
In the latest cybersecurity news, researchers have found a new Python malware targeting Tatar language-speaking users. The Tatar language is a Turkic language spoken primarily by the Tatars, an ethnic group in Russia and neighboring countries. This Python malware strain, sourced by Cyble, can capture screenshots on the victim’s systems and send them over to […]
A cyber insurance firm reported a significant jump in the number of claims during the first half of the year, adding that damages caused by attacks has also increased. An analysis from San Francisco-based Coalition found that ransomware was the “largest driver of the increase in claims frequency,” which was up 12% on last year […]
Sep 25, 2023THNSpyware / Cyber Espionage Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information. “The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based exploits against targeted users,” Volexity security researchers […]
Telecommunications company T-Mobile has been accused of two data breaches – one caused by a “system glitch” that accidentally exposed the personal information of its customers and the other that allegedly exposed employee personal information. The data breach was recognized by customers on September 20, who noticed that, upon logging into the T-Mobile app, that […]